How’s Black Hat in 2015? It grows up (and leaves mom’s basement)

Update: For those interested in more information we will be reviewing the latest in cyber security covered at Black Hat USA 2015 in August 12 at 10 am PDT – join us!

The cybersecurity conference Black Hat is huge, so huge in fact that it outgrew its roots, in more ways than one. Typically held in the pseudo-cramped Caesar’s Palace years back, it now sprawls into the expanses of Mandalay Bay, and whereas the booths (what there was of them) used to not exist, or be hastily contrived from folding tables bedecked with hacker slogans, now the expo floor is replete with bouncy ball toys and antics normally reserved for corporate security events, not Blackhat. I even saw suits – bah! The place even smells good.

But its growth is easy to trace. Not only did the hacker types leave their mom’s basement and get jobs, some of them even were forced to start explaining security to the CEO. Few of them succeeded in this new role, but enough to convince the execs that if something bad happens in IT, it happens to the execs shortly thereafter.

Also, it used to be execs didn’t really expect to be hacked – now they do. No longer just about defending traditional desktop computer threats, various talks here showcased hacking everything from the phone you use to the new e-toaster you have at home, to the car you drive to work in. Security just got big.

“Will criminals stop trying to steal money and services, commit fraud and perform other computer-mediated crimes just because a particular kind of attack they use is now prevented?”

Recently my colleague Aryeh Goretsky was asked if we’ll still see hacking if the PC world gets overshadowed by other technologies. His answer was simple. “Will criminals stop trying to steal money and services, commit fraud and perform other computer-mediated crimes just because a particular kind of attack they use is now prevented?”

Speaking of cars, how many are on the road that will have hacks revealed for them in the future, and what will the manufacturers do about it? For how long will existing cars be supported – from a security perspective. How will manufacturers deal with the update cycle so familiar in traditional compute platforms? I drive old cars, so I expect I’ll be exempt – for a while.

Is smart car security growing up?

They keynote speaker summed it up nicely, saying that while people could choose to be more secure, they will more likely favor new features and fewer, “more elegant” sources of information ahead of better security when they make their decisions to purchase apps, laptops, tablets, cars and home refrigerators that tell them when the milk goes sour. They will therefore unwittingly, reverse the original intent of the Internet, which was to be open, free and expansive, in favor of narrow channels – like the TV of yesteryear with few portals to information – which feed them all they are inclined to consume, in hopefully secure manner (but ones largely devoid of privacy).

If human nature is unlikely to change anytime soon, it then falls to the companies behind the shiny, large, well-lit booths at Blackhat to protect it all, because we will need to have faith in them to guard the deluge of data that we freely spew their direction. I’m not sure we all believe that last part, but we act like we do.